Managing blockchain-based centralized ledger systems

ABSTRACT

Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for managing blockchain-based centralized ledger systems. One of the methods includes transmitting individual timestamp requests for to-be-timestamped blocks in a blockchain to a trust time server independent from a blockchain-based centralized ledger system that stores data in the blockchain, the blockchain including a plurality of blocks storing transaction data, receiving respective timestamps and associated signatures for the to-be-timestamped blocks from the trust time server, and storing information of the respective timestamps and associated signatures for the to-be-timestamped blocks in respective timestamped blocks in the blockchain, any adjacent two of the timestamped blocks in the blockchain being anchored with each other.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of PCT Application No.PCT/CN2019/104066, filed on Sep. 2, 2019, which is hereby incorporatedby reference in its entirety.

TECHNICAL FIELD

This specification relates to managing blockchain-based centralizedledger systems.

BACKGROUND

A ledger is typically used to record a history of transactions, such aseconomic and financial activities in an organization. Applications withledger-like functionality, such as custom audit tables or audit trailscreated in relational databases, have been built to maintain an accuratehistory of applications' data. However, building such applications istime-consuming and prone to human error. Also, as the relationaldatabases are not inherently immutable, any changes to the data are hardto track and verify.

Distributed ledger systems (DLSs), which can also be referred to asconsensus networks, and/or blockchain networks, enable participatingentities to securely, and immutably store data. DLSs are commonlyreferred to as blockchain networks without referencing any particularuser case. Examples of types of blockchain networks can include publicblockchain networks, private blockchain networks, and consortiumblockchain networks. Blockchain networks perform a consensus process tovalidate each transaction before the transaction can be added to theblockchain networks, which can be time-consuming, ineffective, andcomplicated.

Therefore, it would be desirable to develop a ledger system that caneffectively and securely manage transactions while providingimmutability, reliability, trustworthiness, and verifiability of thetransactions.

SUMMARY

This specification describes technologies for managing blockchain-basedcentralized ledger systems. These technologies generally involve ablockchain-based centralized ledger system (e.g., a universal auditableledger service system) that adopts a data structure of a blockchain toleverage immutability, reliability, and trustworthiness of data storedon the blockchain. The centralized ledger system can obtain trusttimestamp information from a trust time server that is independent fromthe centralized ledger system (e.g., a third-party, globallyacknowledged time authority). The centralized ledger system can leveragethe established trust on the timestamp information provided by the trusttimer server and integrate the trust timestamp information into thecentralized ledger system for the data stored on the blockchain, whichcan further enhance credibility, auditability, and legality of thestored data.

These technologies described herein can provide enhanced immutability,reliability, trustworthiness, and verifiability of data stored in theblockchain. In some embodiments, the described technologies can anchortimestamped blocks in the blockchain that store trust timestampinformation of the trust time server, for example, by adding a hash of aprevious timestamped block into a subsequent timestamped block. Such ananchoring provides an additional hash tangle among the timestampedblocks in the blockchain, in addition to an existing hash tangle betweenadjacent blocks in the blockchain. Immutability of the data stored onthe blockchain can be further enhanced, even in cases where not everyblock in the blockchain is timestamped. As long as a hash verificationon all timestamped blocks succeeds, the trustworthiness of all blocks inthe blockchain can be guaranteed even if there are non-timestampedblocks that do not store trust timestamp information obtained from thetrust time server in between two adjacent timestamped blocks in theblockchain.

This specification also provides one or more non-transitorycomputer-readable storage media coupled to one or more processors andhaving instructions stored thereon which, when executed by the one ormore processors, cause the one or more processors to perform operationsin accordance with embodiments of the methods provided herein.

This specification further provides a system for implementing themethods provided herein. The system includes one or more processors, anda computer-readable storage medium coupled to the one or more processorshaving instructions stored thereon which, when executed by the one ormore processors, cause the one or more processors to perform operationsin accordance with embodiments of the methods provided herein.

It is appreciated that methods in accordance with this specification mayinclude any combination of the aspects and features described herein.That is, methods in accordance with this specification are not limitedto the combinations of aspects and features specifically describedherein, but also include any combination of the aspects and featuresprovided.

The details of one or more embodiments of this specification are setforth in the accompanying drawings and the description below. Otherfeatures and advantages of this specification will be apparent from thedescription and drawings, and from the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram illustrating an example of an environment that canbe used to execute embodiments of this specification.

FIG. 2 is a diagram illustrating an example of an architecture inaccordance with embodiments of this specification.

FIG. 3 is a diagram illustrating an example of an environmentimplementing trust timestamp services in a blockchain-based centralizedledger system in accordance with embodiments of this specification.

FIG. 4A is a diagram illustrating an example of a blockchain-basedcentralized ledger system for implementing a trust timestamp service ina single ledger server associated with a single client in accordancewith embodiments of this specification.

FIG. 4B is a diagram illustrating an example of a blockchain-basedcentralized ledger system for providing a trust timestamp service tomultiple clients by a joint ledger server in accordance with embodimentsof this specification.

FIG. 5 is a diagram illustrating an example of a process of integratingtrust timestamp information for transaction data into a blockchain-basedcentralized ledger system in accordance with embodiments of thisspecification.

FIG. 6 is a flowchart illustrating an example of a process that can beexecuted in accordance with embodiments of this specification.

FIG. 7 depicts examples of modules of an apparatus in accordance withembodiments of this specification.

Like reference numbers and designations in the various drawings indicatelike elements.

DETAILED DESCRIPTION

This specification describes technologies for managing blockchain-basedcentralized ledger systems. These technologies generally involve ablockchain-based centralized ledger system (e.g., a universal auditableledger service system) that adopts a data structure of a blockchain toleverage immutability, reliability, and trustworthiness of data storedon the blockchain. The centralized ledger system can obtain trusttimestamp information from a trust time server that is independent fromthe centralized ledger system (e.g., a third-party, globallyacknowledged time authority). The centralized ledger system can leveragethe established trust on the timestamp information provided by the trusttimer server and integrate the trust timestamp information into thecentralized ledger system for the data stored on the blockchain, whichcan further enhance credibility, auditability, and legality of thestored data.

These technologies described herein can provide enhanced immutability,reliability, trustworthiness, and verifiability of data stored in theblockchain. In some embodiments, the described technologies can anchortimestamped blocks in the blockchain that store trust timestampinformation of the trust time server, for example, by adding a hash of aprevious timestamped block into a subsequent timestamped block. Such ananchoring provides an additional hash tangle among the timestampedblocks in the blockchain, in addition to an existing hash tangle betweenadjacent blocks in the blockchain. Immutability of the data stored onthe blockchain can be further enhanced, even in cases where not everyblock in the blockchain is timestamped. As long as a hash verificationon all timestamped blocks succeeds, the trustworthiness of all blocks inthe blockchain can be guaranteed even if there are non-timestampedblocks that do not store trust timestamp information obtained from thetrust time server in between two adjacent timestamped blocks in theblockchain.

The techniques described in this specification produce several technicaleffects. In some embodiments, the blockchain-based centralized ledgersystem can be a ledger system based on centralization, which can providea cryptographically verifiable state-independent data ledger storagewith time-critical auditing (with non-repudiation andtemper-resistance). In some embodiments, the blockchain-basedcentralized ledger system can provide ledger services based on a cloudplatform featuring centralized endorsement with credibility andneutrality. The blockchain-based centralized ledger system can providehighly reliable and high-performance auditable streaming ledger servicesby leveraging both a blockchain system's high credibility and acentralized system's high performance and low latency for handlingvarious types of data and logs with auditing requirements, traceability,and tracking.

In some embodiments, the blockchain-based centralized ledger system caninclude a central trusted authority that provides transparent,immutable, and cryptographically verifiable data that are stored inblocks of a blockchain data structure. In some embodiments, the storeddata can be in a log format, including, for example, not only fortransaction logs but also other transaction data and block data. Due tothe existence of the central trusted authority, the blockchain-basedcentralized ledger system does not need to perform consensus processesto establish trust, which can result in significant time- andcost-saving. In some embodiments, the blockchain-based centralizedledger system can be more efficient compared to a typicalblockchain-based distributed or decentralized ledger system. In someembodiments, the blockchain-based centralized ledger system can providea cloud-based storage service with enhanced trust, efficiency, andstorage performance.

In some embodiments, the blockchain-based centralized ledger system canenhance

credibility, auditability, and legality of stored data on a blockchain.For example, the centralized ledger system can interface with a trusttime server and provide trust timestamp information of the trust timeserver to clients of the blockchain-based centralized ledger system. Thetrust time server is independent from the centralized ledger system. Thetrust time server can be associated with a third-party trust timeauthority that provides accurate time services and can be acknowledgedor trusted, for example, globally, by the public, auditing entities(such as companies, institutions, or organizations), and/or legalentities (such as courts or governments). As the trustworthiness of thetimestamp information provided by the trust time server is acknowledged,integrating the timestamp information of the trust time server into thecentralized ledger system for the data stored on the blockchain canfurther enhance credibility, auditability, and legality of the datastored in the centralized ledger system.

In some embodiments, the blockchain-based centralized ledger systemfeatures respective rights of parties or participants of theblockchain-based centralized ledger system. For example, a client of theblockchain-based centralized ledger system can have a right of providinga signature for storing transaction data on a blockchain in thecentralized ledger system such that the client cannot repudiate thetransaction data. In some embodiments, the centralized ledger system hasa right of providing a signature for acknowledging the storage of thetransaction data such that the centralized ledger system cannot denystoring the transaction data. In some embodiments, a trust time serverhas a right of providing a signature for trust timestamp information forthe transaction data stored on the centralized ledger system such thatthe trust time server cannot deny the trust timestamp information. Insome embodiments, the three respective rights of the three parties (theclient, the ledger system, and the trust time server) are independentfrom each other, which can further enhance creditability andauditability of the transaction data stored in the centralized ledgersystem.

In some embodiments, the blockchain-based centralized ledger system canprovide enhanced orderliness and authenticity of transaction data storedon the blockchain. For example, the blockchain-based centralized ledgersystem can transmit trust timestamp requests for transaction data storedon a blockchain to the trust time server, and the trust time server canprovide trust timestamp information such as timestamps and associatedsignatures, for example, to authenticate or endorse the time of thetransaction data stored on a blockchain. The centralized ledger systemcan store the trust timestamp information, e.g., as transactions, in theblockchain. The trust timestamp information can be used to verifyorderliness and authenticity of the transaction data stored on theblockchain, which in turn can provide enhanced creditability,auditability and legality of the transaction data stored on theblockchain.

In some embodiments, the blockchain-based centralized ledger system canprovide an efficient, fast, and reliable method for verification ofvalidity of the stored transaction data on the blockchain and furtherenhance the credibility and auditability of the stored transaction data.For example, a ledger server in the centralized ledger system canperiodically transmit individual timestamp requests forto-be-timestamped blocks generated in the blockchain to the trust timeserver at a predetermined triggering time period. Each of theto-be-timestamped blocks can be the most recent block generated in theblockchain when the respective timestamp request is transmitted. Afterreceiving respective trust timestamps and associated signatures for theto-be-timestamped blocks from the trust time server, the ledger serverstores information of the respective trust timestamps and associatedsignatures for the to-be-timestamped blocks in blocks immediatelysubsequent to the to-be-timestamped blocks in the blockchain,respectively. The blocks storing the information of the respective trusttimestamps and associated signatures can be referred to as timestampedblocks in the blockchain.

In some embodiments, the timestamped blocks can be anchored (or linked)together in the blockchain, such that the centralized ledger system canquickly trace blocks (and/or transactions) associated with trusttimestamps and verify correctness of the anchored relationship betweenthe timestamped blocks. The terms “anchored” and “linked” can be usedinterchangeably herein. In some embodiments, the timestamped blocksbeing anchored together can be implemented by that a timestamped blockstores information that uniquely identifies a timestamped blockimmediately before the timestamped block among the timestamped blocks inthe blockchain. In some embodiments, the timestamped blocks beinganchored together can be implemented by that a timestamp request of ato-be-timestamped block including information of a previous timestampedblock that is the most recent timestamped block generated in theblockchain. The information can include at least one of a hash of theprevious timestamped block or a block identifier of the previoustimestamped block, where each of multiple blocks in the blockchain isassociated with a respective block identifier and is stored in order inthe blockchain according to the respective block identifier.

In some embodiments, after receiving the timestamp request, the trusttime server can generate a respective trust timestamp and associatedsignature encrypting the trust timestamp and the timestamp requestincluding the information of the previous timestamped block. Informationof the respective trust timestamp and associated signature can be thenstored in a timestamped block immediately subsequent to the previoustimestamped block among the timestamped blocks in the blockchain. Insuch a way, these two timestamped blocks are anchored to each other.

Moreover, as the timestamp request including the information of theprevious timestamped block is included in the signature of the trusttime server, the anchored relationship between the two timestampedblocks is also endorsed by the trust time server, which can furtherenhance the credibility and auditability of the stored transaction dataon the blockchain.

In some embodiments, a second timestamped block immediately subsequentto a first timestamped block among the timestamped blocks in theblockchain stores information of the first timestamped block. Theinformation of the first timestamped block includes at least one of thehash of the first timestamped block or the first respective blockidentifier of the first timestamped block. In such a way, the first andsecond timestamped blocks are anchored to each other. Moreover, blocksin the blockchain are anchored to each other by storing a hash of apreceding block immediately before it in the blockchain. The secondtimestamped block can also include a hash of a preceding blockimmediately before the second timestamped block in the blockchain.

In some embodiments, the blockchain-based centralized ledger system canfurther enhance credibility and auditability of the stored transactiondata on the blockchain without frequently transmitting timestamprequests to cause high costs. For example, the first timestamped blockand the second timestamped block may not be adjacent to each other amongthe multiple blocks in the blockchain and there can be one or morenon-timestamped blocks between the first timestamped block and thesecond timestamped block. The one or more non-timestamped blocks do notinclude trust timestamp information obtained from the trust time server.A non-timestamped block can be referred to as anon-externally-timestamped block as it can include an internal (orlocal) timestamp generated by the ledger server or the centralizedledger system that generates the block. The non-externally-timestampedcan be, for example, a to-be-timestamped block. By anchoring the firstand second timestamped blocks together, the one or more non-timestampedblocks between them can be determined to generate at time points betweena first respective timestamp included in the first timestamped block anda second respective timestamp included in the second timestamped block,which can further enhance the credibility and auditability of the storedtransaction data on the blockchain and reduce the overall cost of thecentralized ledger system for obtaining trust timestamp information fromthe trust time server.

To provide further context for embodiments of this specification, and asintroduced above, distributed ledger systems (DLSs), which can also bereferred to as consensus networks (e.g., made up of peer-to-peer nodes),and blockchain networks, enable participating entities to securely, andimmutably conduct transactions, and store data. Although the termblockchain is generally associated with particular networks, and/or usecases, blockchain is used herein to generally refer to a DLS withoutreference to any particular use case.

A blockchain is a data structure that stores transactions in a way thatthe transactions are immutable. Thus, transactions recorded on ablockchain are reliable and trustworthy. A blockchain includes one ormore blocks. Each block in the chain is linked to a previous blockimmediately before it in the chain by including a hash of the previousblock. Each block also includes a local timestamp (e.g., provided by acomputing device that generates the block or a computing system thatmanages the blockchain), its own hash, and one or more transactions. Forexample, the block can include a block header and a block body. Theblock header can include the local timestamp, its own hash, and a hashof the previous block. The block body can include payload informationsuch as the one or more transactions (or transaction data). Thetransactions, which have already been verified by the nodes of theblockchain network, are hashed and encoded into a Merkle tree. A Merkletree is a data structure in which data at the leaf nodes of the tree ishashed, and all hashes in each branch of the tree are concatenated atthe root of the branch. This process continues up the tree to the rootof the entire tree, which stores a hash that is representative of alldata in the tree. A hash purporting to be of a transaction stored in thetree can be quickly verified by determining whether it is consistentwith the structure of the tree.

Whereas a blockchain is a decentralized or at least partiallydecentralized data structure for storing transactions, a blockchainnetwork is a network of computing nodes that manage, update, andmaintain one or more blockchains by broadcasting, verifying andvalidating transactions, etc. As introduced above, a blockchain networkcan be provided as a public blockchain network, a private blockchainnetwork, or a consortium blockchain network.

In general, a consortium blockchain network is private among theparticipating entities. In a consortium blockchain network, theconsensus process is controlled by an authorized set of nodes, which canbe referred to as consensus nodes, one or more consensus nodes beingoperated by a respective entity (e.g., a financial institution,insurance company). For example, a consortium of ten (10) entities(e.g., financial institutions, insurance companies) can operate aconsortium blockchain network, each of which operates at least one nodein the consortium blockchain network. In some examples, within aconsortium blockchain network, a global blockchain is provided as ablockchain that is replicated across all nodes. That is, all consensusnodes are in perfect state consensus with respect to the globalblockchain. To achieve consensus (e.g., agreement to the addition of ablock to a blockchain), a consensus protocol is implemented within theconsortium blockchain network. For example, the consortium blockchainnetwork can implement a practical Byzantine fault tolerance (PBFT)consensus, described in further detail below.

In some embodiments, a centralized ledger system can also adopt the datastructure of a blockchain to leverage immutability, reliability, andtrustworthiness of data stored on a blockchain. In some embodiments,such a centralized ledger system can be referred to as ablockchain-based centralized ledger system or a universal auditableledger service system. In some embodiments, the blockchain-basedcentralized ledger system can include a central trusted authority thatprovides transparent, immutable, and cryptographically verifiable datathat are stored in blocks of a blockchain data structure. The storeddata can be in a log format, including, for example, not only fortransaction logs but also other transaction data and block data. Due tothe existence of the central trusted authority, the blockchain-basedcentralized ledger system does not need to perform consensus processesto establish trust. In some embodiments, the blockchain-basedcentralized ledger system can be more efficient compared to a typicalblockchain-based distributed or decentralized ledger system. In someembodiments, the blockchain-based centralized ledger system can providea cloud-based storage service with enhanced trust, efficiency, andstorage performance.

In some embodiments, the centralized ledger system can be a node of ablockchain network. For example, the centralized ledger system can be anon-consensus node in the blockchain network and can provide highlyreliable and high-performance auditable streaming ledger services forthe consensus nodes or other non-consensus nodes in the blockchainnetwork, or entities outside of the blockchain network.

FIG. 1 is a diagram illustrating an example of an environment 100 thatcan be used to execute embodiments of this specification. In someexamples, the environment 100 enables entities to participate in aconsortium blockchain network 102. The environment 100 includescomputing devices 106, 108, and a network 110. In some examples, thenetwork 110 includes a local area network (LAN), wide area network(WAN), the Internet, or a combination thereof, and connects web sites,user devices (e.g., computing devices), and back-end systems. In someexamples, the network 110 can be accessed over a wired and/or a wirelesscommunications link. In some examples, the network 110 enablescommunication with, and within the consortium blockchain network 102. Ingeneral the network 110 represents one or more communication networks.In some cases, the computing devices 106, 108 can be nodes of a cloudcomputing system (not shown), or each computing device 106, 108 can be aseparate cloud computing system including a number of computersinterconnected by a network and functioning as a distributed processingsystem.

In the depicted example, the computing devices 106, 108 can each includeany appropriate computing system that enables participation as a node inthe consortium blockchain network 102. Examples of computing devicesinclude, without limitation, a server, a desktop computer, a laptopcomputer, a tablet computing device, and a smartphone. In some examples,the computing devices 106, 108 host one or more computer-implementedservices for interacting with the consortium blockchain network 102. Forexample, the computing device 106 can host computer-implemented servicesof a first entity (e.g., user A), such as a transaction managementsystem that the first entity uses to manage its transactions with one ormore other entities (e.g., other users). The computing device 108 canhost computer-implemented services of a second entity (e.g., user B),such as a transaction management system that the second entity uses tomanage its transactions with one or more other entities (e.g., otherusers). In the example of FIG. 1, the consortium blockchain network 102is represented as a peer-to-peer network of nodes, and the computingdevices 106, 108 provide nodes of the first entity, and second entityrespectively, which participate in the consortium blockchain network102.

FIG. 2 is a diagram illustrating an example of an architecture 200 inaccordance with embodiments of the specification. The example conceptualarchitecture 200 includes participant systems 202, 204, 206 thatcorrespond to Participant A, Participant B, and Participant C,respectively. Each participant (e.g., user, enterprise) participates ina blockchain network 212 provided as a peer-to-peer network includingmultiple nodes 214, at least some of which immutably record informationin a blockchain 216. Although a single blockchain 216 is schematicallydepicted within the blockchain network 212, multiple copies of theblockchain 216 are provided, and are maintained across the blockchainnetwork 212, as described in further detail herein.

In the depicted example, each participant system 202, 204, 206 isprovided by, or on behalf of Participant A, Participant B, andParticipant C, respectively, and functions as a respective node 214within the blockchain network. As used herein, a node generally refersto an individual system (e.g., computer, server) that is connected tothe blockchain network 212, and enables a respective participant toparticipate in the blockchain network. In the example of FIG. 2, aparticipant corresponds to each node 214. It is contemplated, however,that a participant can operate multiple nodes 214 within the blockchainnetwork 212, and/or multiple participants can share a node 214. In someexamples, the participant systems 202, 204, 206 communicate with, orthrough the blockchain network 212 using a protocol (e.g., hypertexttransfer protocol secure (HTTPS)), and/or using remote procedure calls(RPCs).

Nodes 214 can have varying degrees of participation within theblockchain network 212. For example, some nodes 214 can participate inthe consensus process (e.g., as miner nodes that add blocks to theblockchain 216), while other nodes 214 do not participate in theconsensus process. As another example, some nodes 214 store a completecopy of the blockchain 216, while other nodes 214 only store copies ofportions of the blockchain 216. For example, data access privileges canlimit the blockchain data that a respective participant stores withinits respective system. In the example of FIG. 2, the participant systems202, 204, and 206 store respective, complete copies 216′, 216″, and216′″ of the blockchain 216.

A blockchain (e.g., the blockchain 216 of FIG. 2) is made up of a chainof blocks, each block storing data. Examples of data include transactiondata representative of a transaction between two or more participants.While transactions are used herein by way of non-limiting example, it iscontemplated that any appropriate data can be stored in a blockchain(e.g., documents, images, videos, audio). Examples of a transaction caninclude, without limitation, exchanges of something of value (e.g.,assets, products, services, currency). The transaction data is immutablystored within the blockchain. That is, the transaction data cannot bechanged.

Before storing in a block, the transaction data is hashed. Hashing is aprocess of transforming the transaction data (provided as string data)into a fixed-length hash value (also provided as string data). It is notpossible to un-hash the hash value to obtain the transaction data.Hashing ensures that even a slight change in the transaction dataresults in a completely different hash value. Further, and as notedabove, the hash value is of fixed length. That is, no matter the size ofthe transaction data the length of the hash value is fixed. Hashingincludes processing the transaction data through a hash function togenerate the hash value. An example of a hash function includes, withoutlimitation, the secure hash algorithm (SHA)-256, which outputs 256-bithash values.

Transaction data of multiple transactions are hashed and stored in ablock. For example, hash values of two transactions are provided, andare themselves hashed to provide another hash. This process is repeateduntil, for all transactions to be stored in a block, a single hash valueis provided. This hash value is referred to as a Merkle root hash, andis stored in a header of the block. A change in any of the transactionswill result in change in its hash value, and ultimately, a change in theMerkle root hash.

Blocks are added to the blockchain through a consensus protocol.Multiple nodes within the blockchain network participate in theconsensus protocol, and perform work to have a block added to theblockchain. Such nodes are referred to as consensus nodes. PBFT,introduced above, is used as a non-limiting example of a consensusprotocol. The consensus nodes execute the consensus protocol to addtransactions to the blockchain, and update the overall state of theblockchain network.

In further detail, the consensus node generates a block header, hashesall of the transactions in the block, and combines the hash value inpairs to generate further hash values until a single hash value isprovided for all transactions in the block (the Merkle root hash). Thishash is added to the block header. The consensus node also determinesthe hash value of the most recent block in the blockchain (i.e., thelast block added to the blockchain). The consensus node also adds anonce value, and a timestamp to the block header.

In general, PBFT provides a practical Byzantine state machinereplication that tolerates Byzantine faults (e.g., malfunctioning nodes,malicious nodes). This is achieved in PBFT by assuming that faults willoccur (e.g., assuming the existence of independent node failures, and/ormanipulated messages sent by consensus nodes). In PBFT, the consensusnodes are provided in a sequence that includes a primary consensus node,and backup consensus nodes. The primary consensus node is periodicallychanged, Transactions are added to the blockchain by all consensus nodeswithin the blockchain network reaching an agreement as to the worldstate of the blockchain network. In this process, messages aretransmitted between consensus nodes, and each consensus nodes provesthat a message is received from a specified peer node, and verifies thatthe message was not modified during transmission.

In PBFT, the consensus protocol is provided in multiple phases with allconsensus nodes beginning in the same state. To begin, a client sends arequest to the primary consensus node to invoke a service operation(e.g., execute a transaction within the blockchain network). In responseto receiving the request, the primary consensus node multicasts therequest to the backup consensus nodes. The backup consensus nodesexecute the request, and each sends a reply to the client. The clientwaits until a threshold number of replies are received. In someexamples, the client waits for f+1 replies to be received, where f isthe maximum number of faulty consensus nodes that can be toleratedwithin the blockchain network. The final result is that a sufficientnumber of consensus nodes come to an agreement on the order of therecord that is to be added to the blockchain, and the record is eitheraccepted, or rejected.

In some blockchain networks, cryptography is implemented to maintainprivacy of transactions. For example, if two nodes want to keep atransaction private, such that other nodes in the blockchain networkcannot discern details of the transaction, the nodes can encrypt thetransaction data. An example of cryptography includes, withoutlimitation, symmetric encryption, and asymmetric encryption. Symmetricencryption refers to an encryption process that uses a single key forboth encryption (generating ciphertext from plaintext), and decryption(generating plaintext from ciphertext). In symmetric encryption, thesame key is available to multiple nodes, so each node can en-/de-crypttransaction data.

Asymmetric encryption uses keys pairs that each include a private key,and a public key, the private key being known only to a respective node,and the public key being known to any or all other nodes in theblockchain network. A node can use the public key of another node toencrypt data, and the encrypted data can be decrypted using other node'sprivate key. For example, and referring again to FIG. 2, Participant Acan use Participant B's public key to encrypt data, and send theencrypted data to Participant B. Participant B can use its private keyto decrypt the encrypted data (ciphertext) and extract the original data(plaintext). Messages encrypted with a node's public key can only bedecrypted using the node's private key.

Asymmetric encryption is used to provide digital signatures, whichenables participants in a transaction to confirm other participants inthe transaction, as well as the validity of the transaction. Forexample, a node can digitally sign a message, and another node canconfirm that the message was sent by the node based on the digitalsignature of Participant A. Digital signatures can also be used toensure that messages are not tampered with in transit. For example, andagain referencing FIG. 2, Participant A is to send a message toParticipant B. Participant A generates a hash of the message, and then,using its private key, encrypts the hash to provide a digital signatureas the encrypted hash. Participant A appends the digital signature tothe message, and sends the message with digital signature to ParticipantB. Participant B decrypts the digital signature using the public key ofParticipant A, and extracts the hash. Participant B hashes the messageand compares the hashes. If the hashes are same, Participant B canconfirm that the message was indeed from Participant A, and was nottampered with.

FIG. 3 is a diagram illustrating an example of an environment 300 inaccordance with embodiments of this specification. The environment 300implements trust timestamp services in a blockchain-based centralizedledger system 310. The blockchain-based centralized ledger system 310adopts a data structure of a blockchain to leverage immutability,reliability, and trustworthiness of data stored on the blockchain. Thecentralized ledger system 310 can also integrate trust timestampinformation from a trust time server 350 that is independent from thecentralized ledger system 310 for the data stored on the blockchain,which can greatly enhance credibility, auditability, and legality of thestored data.

In some embodiments, the centralized ledger system 310 can be a cloudcomputing system including one or more computers interconnected by anetwork. The centralized ledger system 310 can include any appropriatecomputing devices. Examples of computing devices include, withoutlimitation, a server, a desktop computer, a laptop computer, a tabletcomputing device, and a smartphone.

In some examples, the centralized ledger system 310 includes one or moreledger servers 320-1 to 320-n (collectively referred to herein as“320”). Each ledger server 320 can host one or more computer-implementedservices for interacting with at least one client, e.g., client 1 orclient m. The client can be an individual, a company, an organization, afinancial institution, an insurance company, or any other type ofentity. In some cases, a client can be associated with one or moreledger servers. In some cases, a ledger server can be associated withone or more clients.

The ledger server 320 can host a transaction management system toprovide a ledger service for a client, e.g., client 1 or client m, andthe client can use one or more associated devices, e.g., client device340-1 or 340-m (collectively referred to herein as “340”), to access thetransaction management system to use the ledger service. The clientdevice 340 can include any appropriate computing devices.

The ledger service provided by the ledger server 320 can enable a clientto store its data in a transparent, immutable, and cryptographicallyverifiable blockchain data structure, e.g., a blockchain. Each ledgerserver, e.g., 320-1 or 320-n, can maintain a respective blockchain,e.g., 322-1 to 322-n (collectively referred to herein as “322”). In someembodiments, each ledger server 320 can perform similar functions tothose of a blockchain network node (e.g., the computing device 106 or108 of FIG. 1 or the computing device 202, 204 or 206 of FIG. 2) in ablockchain network. For example, each ledger server 320 can generateblocks and add the blocks to the blockchain 322. In some embodiments,each ledger server 320 can function as a central trusted authority anddoes not need to perform consensus processes with other nodes (e.g.,other client devices or other leger servers) to establish trust. Forexample, each ledger server 320 can perform similar functions to thoseof a non-consensus node of a blockchain network. In some embodiments,each ledger server 320 can be the single node that creates and/ormanages the blockchain 322.

In some embodiments, each client can be associated with a respectiveblockchain. In some embodiments, one or more clients can be associatedwith a same blockchain. In some embodiments, a blockchain can beassociated with one or more clients.

In some examples, client 1 is an individual, a company, or anorganization. The client device 340-1 associated with client 1 caninteract with the ledger server 320-1 to obtain a ledger service of thecentralized ledger system 310. For example, the client device 340-1 canaccess the blockchain 322-1 to read and store transaction dataassociated with client 1 through the ledger server 320-1. The clientdevice 340-1 can include, for example, any suitable computer, module,server, or computing element programmed to perform methods describedherein. In some embodiments, the client device 340-1 can include a userdevice, such as, a personal computer, a smartphone, a tablet, or otherhandheld device.

In some examples, client m is an insurance company or a financialinstitution such as a bank that has a number of individual users. Theclient device 340-m associated with client m can interact with theledger server 320-m to provide a ledger service of the centralizedledger system 310 to the individual users of client m. For example, theclient device 340-m can access the blockchain 322-m to read and storetransaction data associated with client m through the ledger server320-m. In some cases, a user of client m can request a ledger service ofthe centralized ledger system 310 through the client device 340-m.

The data stored in a blockchain can be in a log format, including, forexample, not only for transaction logs but also other transaction dataand block data. Each blockchain stores data in a way that the data isimmutable and cannot be altered or deleted. Using cryptography canenable verification that there have been no unintended modification tothe stored data. Thus, data recorded on the blockchain are reliable andtrustworthy.

The blockchain can include one or more blocks. Each block in theblockchain is linked to a previous block immediately before it in thechain by including a hash of the previous block. Each block alsoincludes a local timestamp, its own hash, and one or more transactionsor transaction data. For example, the block can include a block headerand a block body. The block header can include the local timestamp, itsown hash, and a hash of the previous block. The block body can includepayload information such as the one or more transactions or transactiondata. The local timestamp indicates a time point or instance when theblock is generated and/or added to the blockchain. The local timestampcan be internally provided by the ledger server 320, the centralizedledger system 310, or a central trusted authority associated with thecentralized ledger system 310.

In some embodiments, the ledger server 320 sequentially receives aseries of transactions associated with a client and then stores thetransactions in blocks of a blockchain. In some embodiments, the ledgerserver 320 can receive one or more transactions, for example, from oneor more client devices 340. The received transactions can be stored in adata buffer. The ledger server 320 can generate a block to store thetransactions, for example, including transferee and transferor accounts,transaction amounts, or other types of information of the transactions.

In some embodiments, the ledger server 320 can store the transactions ina stream, array, or another data structure (referred to as a transactionstorage stream). For example, the transactions can be sequentiallystored in the transaction storage stream according to time of occurrenceof the transactions. Each transaction can have a respective transactionidentifier in the transaction storage stream, for example, according toits time of occurrence. The ledger server 320 can generate blocks toinclude a number of hashes for the transactions. In some embodiments,the hashes for the transactions can be stored according to the time ofoccurrence of corresponding transactions, instead of according to valuesof the hashes. In some embodiments, the hashes for the transactions canbe hashes of the transactions or hashes of the respective transactionidentifiers of the transactions. A block can include a hash of aprevious block immediately before it such that the blocks are anchoredwith each other to form a blockchain (or a block storage stream). Insuch a way, the blocks do not store details of the transactions. Thedetails of the transactions can be stored in the transaction storagestream in the ledger server 320 or a separate repository in thecentralized ledger system 310.

The ledger server 320 can also provide trust timestamp services to aclient. In some embodiments, the ledger server 320 can request trusttimestamps from the trust time server 350 for data stored in the ledgerserver 320, which can enhance credibility, auditability, and legality ofthe stored data. The trust time server 350 is independent from thecentralized ledger system 310. The trust time server 350 can beassociated with a third-party trust time authority that providesaccurate (or true) time services and can be, for example, globally,acknowledged or trusted by the public, auditing entities (such ascompanies, institutions, or organizations), and/or legal entities (suchas courts or governments). Trust timestamp information provided by thetrust time server 350 can be acknowledged or considered as legalitywithout notarization and/or forensic identification. For example, thetrust time server 350 can be a UTC (Coordinated Universal Time)/GMT(Greenwich Mean Time) server providing UTC/GMT time services. The trusttime server 350 can also be a time server of a trust authority providingstandard times for a country or a region.

The centralized ledger system 310 can communicate with the trust timeserver 350 through a network, e.g., the network 110 of FIG. 1. Inresponse to receiving a timestamp request from a customer, e.g., theledger server 320, the trust time server 350 can generate a timestampindicating a time point when receiving the timestamp request. The trusttime server 350 can generate a signature to authenticate the timestampand the timestamp request (e.g., a textual or imaging copy of thetimestamp request). For example, the trust time server 350 can use itsprivate key to sign, thus cryptographically encrypting, the timestampand the timestamp request. The trust time server 350 can generate adigital timestamp certificate including the timestamp and the associatedsignature and transmit timestamp information including the timestampcertificate to the customer. The trust time server 350 can provide thetrust timestamp service with a cost, e.g., $1 per timestamp request.

In some embodiments, the ledger server 320 transmits to the trust timeserver 350 a timestamp request for authenticating a time of a block in ablockchain. The timestamp request can include information of the block,e.g., a hash of the block. The time server 350 can generate and transmittimestamp information including the timestamp and associated signaturefor the block or a hash of the timestamp and associated signature. Afterreceiving the timestamp information from the trust time server 350, theledger server 320 can store the timestamp information or a hash of thetimestamp information into a following block immediately subsequent tothe block in the blockchain. In some embodiment, the timestampinformation can be stored as a transaction in the following block. Ablock storing the timestamp information can be referred to be atimestamped block. The timestamped block can be a block that includesonly the timestamp information, or a block that also include othertransactions in addition to the timestamp information. Timestampedblocks in the blockchain can be anchored or linked to each other in theblockchain.

In some embodiment, the ledger server 320 can periodically transmittimestamp requests for to-be-timestamped blocks in a blockchain to thetrust time server 350 with a predetermined triggering time period. Forexample, the ledger server 320 can include a timer counting a time aftertransmitting a first timestamp request. When the timer counts thepredetermined triggering time period, the ledger server 320 can betriggered to transmit a second timestamp request immediately subsequentto the first timestamp request. The centralized ledger system 310 or theledger server 320 can provide timestamp services with different costscorresponding to different triggering time periods. The triggering timeperiod can be predetermined by a client (or a user) associated with theblockchain or the ledger server 320. For example, the client can choosea timestamp service corresponding to a respective cost and a respectivetriggering time period.

In some embodiments, the ledger server 320 may not transmit timestamprequests to the trust time server 350 periodically. For example, theledger server 320 may transmit timestamp requests on demand or based onthe number of the blocks generated by the ledger server 320. Forexample, the ledger server 320 may transmit a timestamp request of ablock upon receiving instructions from the client, or upon apredetermined number of blocks have been recently added to theblockchain 322.

In some embodiments, the ledger server 320 may generate blocksperiodically at a predetermined time period of block generation. Thepredetermined triggering time period can be the same or different fromthe time period of block generation. The predetermined triggering timeperiod can be longer than the time period of block generation so thatnot every block is being timestamped, for example, due to the cost ofobtaining the timestamp from the trust time server 350. In someembodiments, the ledger server 320 may not generate blocks periodically.For example, the ledger server 320 may generate blocks on demand orbased on the number of the transactions received by the ledger server320. For example, the ledger server 320 may generate a new block uponreceiving a predetermined number of transactions.

In some embodiment, the ledger server 320 can include one or moreapplication programming interfaces (APIs) that is configured tocommunicate with the trust time server 350. An API can include a set ofsubroutine definitions, communication protocols, and tools for buildingsoftware, and defines functionality provided by a program (module,library) and allows abstraction from exactly how this functionality isimplemented. Software components interact with each other through theAPIs. In some embodiment, the ledger server 320 can include one or moreAPIs that can implement functionalities of receiving a hash of ato-be-timestamped block as an input for a timestamp request,transmitting the timestamp request to the trust time server 350, andreceiving trust timestamp information, e.g., a digital timestampcertificate or a timestamp and associated signature, sent by the trusttime server 350.

The ledger server 320 can include one or more APIs that are configuredto communicate with a client device 340 associated with a client. Theone or more APIs can implement functionalities such as receiving arequest for a timestamp service from the client device 340, listingdifferent timestamp services with different costs and differenttriggering time periods, receiving a selection among the timestampservices from the client device 340, and transmitting or displaying acorresponding cost with a corresponding triggering time period to theclient device 340. In some embodiment, the one or more APIs can alsoimplement functionalities such as receiving a request for verifying orauditing transactions stored on a blockchain associated with the clientand transmitting a verification or audition result to the client device340. As discussed with further details in FIGS. 4A and 4B, the one ormore APIs can also implement other functionalities such as receivingtransactions or transaction data and client signatures from the clientdevice 340 and transmitting a ledger signature indicating acknowledgingthe receipt or storage of the transactions or transaction data and/orthe client signatures.

In some embodiments, the centralized ledger system 310 includes acentralized server 330. The centralized server 330 can be incommunication with the number of ledger servers 320 in the centralizedledger system 310. In some embodiments, the ledger servers 320communicates with the client devices 340 through the centralized server330. For example, the centralized server 330 can receive data from aclient device 340 and send the data to a ledger server 320 correspondingto (or assigned to) the client device 340.

In some embodiments, the centralized server 330 can maintain a standardtime server for the centralized ledger system 310 and can provideinternal timestamps (and/or associated signatures) to the ledger servers320. For example, when a ledger server 320 generates a new block, theledger server 320 can obtain an internal timestamp (and/or associatedsignature) from the centralized server 330 and store the internaltimestamp (and/or associated signature) in the new block.

In some embodiments, each of the ledger servers 320 communicates withthe trust time server 350 through the centralized server 330. Forexample, the ledger servers 320 can transmit original timestamp requeststo the centralized server 330 and the centralized server 330 cantransmit the original timestamp requests or centralized server timestamprequests associated with the timestamp requests to the trust time server350, e.g., through a centralized API in the centralized server 330. Thecentralized server 330 can provide trust timestamp information obtainedfrom the trust time server 350 to the ledger servers 320. In some otherembodiments, as described above, each of the ledger servers 320 cancommunicate with the trust time server 350 directly without thecentralized server 330.

FIG. 4A is a diagram illustrating an example of a blockchain-basedcentralized ledger system 400 for implementing a trust timestamp servicein a single ledger server associated with a single client in accordancewith embodiments of this specification. The blockchain-based centralizedledger system 400 can include a single ledger server 420 dedicated toprovide a ledger service to a single client associated with a clientdevice 410. The blockchain-based centralized ledger system 400 can be anexample of the centralized ledger system 310 of FIG. 3. For example, theledger server 420 can be an example of the ledger server 320-1 of FIG.3. The client device 410 can be an example of the client device 340-1 ofFIG. 3. The client uses the client device 410 to access the ledgerservice provided by the ledger server 420, in the blockchain-basedcentralized ledger system 400. The ledger server 420 can also provide atrust timestamp service to the client by communicating with a trust timeserver 430, which can be, for example, the trust time server 350 of FIG.3.

The ledger server 420 can provide the ledger service and the trusttimestamp service exclusively to the client. The ledger server 420 canstore transaction data associated with the client in a blockchainexclusively for the client and independent (or separate) from otherclients in the centralized ledger system 400. The ledger server 420 canrequest and store trust timestamp information exclusively for thetransaction data associated with the client stored in the blockchain inthe ledger server 420. The client can have an administrative right forstoring transactions in the blockchain. In some cases, the client canprovide to a third party a secondary ledger right that allows the thirdparty to store transactions in the blockchain associated with theclient.

In some embodiments, when a transaction (or transaction data) associatedwith the client is stored in the ledger server 420, the client can usethe client device 410 to transmit a client signature to the ledgerserver 420. The client signature can indicate that the clientacknowledges that the transaction has been completed and/or is to bestored in the ledger server 420. Thus, the client cannot repudiate thetransaction.

In some embodiments, after receiving and/or storing the transaction (orthe transaction data) in the ledger server 420 (e.g., in a blockchain),the ledger server 420 can transmit a ledger signature to the clientdevice 410. The ledger signature can indicate that the ledger server 420acknowledges the receipt and/or storage of the transaction. Thus, theledger server 420 cannot deny storing the transaction.

In some embodiments, the ledger server 420 can transmit to the trusttime server 430 a timestamp request for transactions that are associatedwith the client and stored in the ledger server 420. The trust timeserver 430 can provide a timestamp and associated signature for thetransactions to the ledger server 420. The timestamp signature caninclude information of the transactions. Thus, the trust time server 430cannot deny that its endorsement of time of the transactions and thetimestamps for the transactions are trustworthy.

In some embodiments, the three respective rights of the three parties(the client, the ledger server, and the trust time server) areindependent from each other, which can enhance creditability andauditability of the transaction data stored in the centralized ledgersystem.

FIG. 4B is a diagram illustrating an example of a blockchain-basedcentralized ledger system 450 for providing a trust timestamp service tomultiple clients by a joint ledger server in accordance with embodimentsof this specification. The blockchain-based centralized ledger system450 can include a single joint ledger server 470 for providing a ledgerservice to multiple clients, client 1 to client n. The blockchain-basedcentralized ledger system 450 can be another example of the centralizedledger system 310 of FIG. 3. For example, the joint ledger server 470can be an example of the ledger server 320 of FIG. 3. Each client,client 1 to client n, can be associated with a respective client device,460-1 to 460-n. In some embodiments, the client devices 460-1 to 460-ncan be examples of the client device 340-1 or 340-m of FIG. 3. Eachclient can use its respective client device 460 to access the ledgerservice provided by the ledger server 420, in the blockchain-basedcentralized ledger system 450. As an example, the clients can includemultiple financial institutions such as customer banks.

Each client can use its associated client device to store transactions(or transaction data) in a joint blockchain shared with other clients.Similar to FIG. 4A, each client can transmit a respective clientsignature to the ledger server 470 and the ledger server 470 can returna corresponding ledger signature to the client. The ledger server 470can transmit timestamp requests for the transactions stored in the jointblockchain to the trust time server 430 and receive and store timestampinformation for the transactions in the joint blockchain.

FIG. 5 is a diagram illustrating an example of a process 500 forintegrating trust timestamp information for transaction data into ablockchain-based centralized ledger system in accordance withembodiments of this specification. The blockchain-based centralizedledger system can be the centralized ledger system 310 of FIG. 3. Thecentralized ledger system can include a ledger server 520, e.g., theledger server 320 of FIG. 3. The ledger server 520 can store transactiondata in a blockchain 530. The centralized ledger system can receivetrust timestamp information for the stored transaction data from a trusttime server 510. The trust time server 510 is independent from thecentralized ledger system and can be an example of the time server 350of FIG. 3 or the time server 430 of FIGS. 4A-4B. Blocks storing thetrust timestamp information for the transaction data from the trust timeserver 510 can be anchored to each other in the blockchain 530, whichcan further enhance credibility and auditability of the transaction datastored in the blockchain 530.

The blockchain 530 includes a number of blocks, e.g., block m to blockn+2. Each block has a block identifier, e.g., m, m+1, m+2, m+3, n, n+1,n+2, and is sequentially added to the blockchain 530, for example,according to a chronological order. Each block in the blockchain 530 canbe linked to a previous block immediately before it in the blockchain530 by including a hash of the previous block. For example, block m+1can include a hash of the previous block, block m. In some instances,the block m can be the first block, i.e., the genesis block of theblockchain 530. In some embodiments, each block also includes aninternal timestamp, its own hash, and one or more transactions ortransaction data. The internal timestamp indicates a time point when theblock is generated and added to the blockchain. The internal timestampcan be internally provided by the ledger server that generates theblock, the centralized ledger system or a central trusted authorityassociated with the centralized ledger system.

In some embodiments, the ledger server 520 can periodically transmit atimestamp request for a block in the blockchain 530 to the trust timeserver 510 with a triggering time period. The triggering time period canbe the same or different from a time period of block generation. In someembodiments, the triggering time period can be longer than the timeperiod of block generation so that not every block is being timestamped,for example, due to the cost of obtaining the timestamp from the trusttime server 510.

In some embodiments, the ledger server 520 may not generate blocksperiodically. For example, the ledger server 520 may generate blocks ondemand or based on the number of the transactions received by the ledgerserver 520. For example, the ledger server 520 may generate a new blockupon receiving a predetermined number of transactions.

In some embodiments, the ledger server 520 may not transmit timestamprequests to the trust time server periodically. For example, the ledgerserver 520 may transmit timestamp requests on demand or based on thenumber of the blocks generated by the ledger server 520. For example,the ledger server 520 may transmit a timestamp request of a block uponreceiving instructions from the client, or upon a predetermined numberof blocks have been recently added to the blockchain.

In some embodiments, when a timestamp request of a block is transmittedthe block can be the most recent block generated in the blockchain 530.The timestamp request can include a hash of the most recent block orother information to uniquely identify the most recent block. Forexample, when the ledger server 520 is triggered to transmit timestamprequest i, block m in the blockchain 530 is the most recent block. Theledger server 520 can generate a hash of block m and transmit thetimestamp request i including the hash of block m to the trust timeserver 510.

The ledger server 520 can include a timer counting a time aftertransmitting a first timestamp request, e.g., timestamp request i forblock m. When the timer counts to the triggering time period, the ledgerserver 520 can be triggered to transmit a second timestamp request,e.g., timestamp request i+1, to the trust time server 510. The timestamprequest i+1 can include a hash of the most recent block generated in theblockchain 530, e.g., block n, when the ledger server 520 is triggeredto transmit the timestamp request i+1.

As illustrated in FIG. 5, after transmitting the timestamp request i forblock m, the ledger server 520 receives a first timestamp and associatedsignature for block m from the trust time server 510. The ledger server520 can store information of the first timestamp and associatedsignature as a transaction in block m+1 that is immediately subsequentto block m in the blockchain 530. The information of the first timestampand associated signature can include, for example, at least one of thefirst timestamp and associated signature or a hash of the firsttimestamp and associated signature. Block m+1 storing the information ofthe first timestamp and associated signature for block m is atimestamped block in the blockchain 530. Block m+1 can also store a hashof block m, such that block m+1 is anchored to block m in the blockchain530. In some embodiments, the information of the timestamp andassociated signature can be stored in the block m+1 as a transaction. Insome cases, block m+1 includes other transaction data besides theinformation of the timestamp and associated signature for block n. Insome cases, block m+1 is a block exclusively storing the information ofthe timestamp and associated signature for block m.

Similarly, as illustrated in FIG. 5, after transmitting the timestamprequest i+1 for block n, the ledger server 520 receives a secondtimestamp and associated signature for block n. The ledger server 520stores information of the second timestamp and associated signature as atransaction in block n+1 that is immediately subsequent to block n inthe blockchain 530. Block n+1 storing the second information of thetimestamp and associated signature for block n is a timestamped block inthe blockchain 530. Block n+1 can also store a hash of block n, suchthat block n+1 is anchored to block n in the blockchain 530.

As shown in FIG. 5, block m+1 and block n+1 are adjacent to each otheramong the timestamped blocks generated in the blockchain 530.Specifically, block m+1 is a timestamped block that stores the firsttimestamp and associated signature for block m, and block n+1 is atimestamped block that stores the second timestamp and associatedsignature for block n received from the trust time server 510. Thesecond timestamp and associated signature for block n is receivedimmediately subsequent to the first timestamp and associated signaturefor block m among trust timestamp information received by the ledgerserver 520 from the trust time server 510. Other blocks, e.g., fromblock m+2 to block n, between the adjacent timestamped blocks, block m+1and block n+1, do not store trust timestamp information from the trusttime server 510. Each of the block m+1 to block n+1 can be referred toas a non-timestamped block.

A hash tangle exists between any two adjacent blocks (either atimestamped block or non-timestamped block) in the blockchain 530because each of the blocks, e.g., block m to block n+2, in theblockchain 530 is anchored to each other by storing a hash of aimmediately precedent block 530. For example, block m+1 stores a hash ofan immediately in the blockchain precedent block, block m, in a blockheader of block m+1. Similarly, block n+1 stores a hash of block n in ablock header of block m+1.

In some embodiments, a hash tangle can be added to between any twoadjacent timestamped blocks to provide enhanced immutability,trustworthiness, and verifiability of the blocks in the blockchain 530.For example, the adjacent timestamped blocks, block m+1 and block n+1,can be anchored or linked together in the blockchain 530. Thenon-timestamped blocks between them, block m+2 to block n, can bedetermined to be generated at time points between the first timestampstored in block m+1 and the second timestamp stored in block n+1. Thetimestamped blocks being anchored together can include that atimestamped block stores information that uniquely identifies apreceding timestamped block immediately before the timestamped blockamong the timestamped blocks in the blockchain. The information can bestored in a block header or a block body of the timestamped block.

In some embodiments, the timestamp request i+1 includes information of aprevious timestamped block that is the most recent timestamped blockgenerated in the blockchain 530, i.e., block m+1 in the example shown inFIG. 5. The information can include at least one of a hash of block m+1or a block identifier, i.e., m+1, of block m+1. In such a way, the twoadjacent timestamped blocks n+1 and m+1 can be anchored to each other.

In some embodiments, block n+1, the timestamped block immediatelysubsequent to the previous timestamped block, i.e., block m+1, storesinformation of block m+1. The information of block m+1 includes at leastone of the hash of block m+1 or the block identifier m+1 of block m+1.In such a way, the two adjacent timestamped blocks n+1 and m+1 can beanchored to each other.

In a particular embodiment, the timestamp request i+1 includes the hashof block n and at least one of the hash of block m+1 or the blockidentifier m+1. The timestamped block n+1 also includes the hash ofblock n and at least one of the hash of block m+1 or the blockidentifier m+1.

In some embodiments, a timestamp request can be disregarded if theledger server 520 has not received a reply from the trust time server510 within a predetermined tolerance time period after the timestamprequest is transmitted by the ledger server 520 to the trust time server510. The ledger server 520 can then wait to transmit a next timestamprequest immediately subsequent to the disregarded timestamp request whena periodical triggering time arrives. Thus, two adjacent timestampedblocks among the timestamped blocks in the blockchain 530 can correspondto two respective timestamp requests that are not adjacent among thetimestamp requests transmitted from the ledger server 520 and can beseparated from one or more disregarded timestamp requests between thetwo respective timestamp requests.

FIG. 6 is a flowchart illustrating an example of a process 600 forimplementation of timestamp services that can be executed in accordancewith embodiments of this specification. For convenience, the process 600will be described as being performed by a system of one or morecomputers, located in one or more locations, and programmedappropriately in accordance with this specification. For example, aledger server in a blockchain-based centralized ledger system canperform the process 600. The centralized ledger system can be an exampleof the centralized ledger system 310 of FIG. 3. The ledger server can bean example of the ledger server 320 of FIG. 3, the ledger server 420 ofFIG. 4A, 470 of FIG. 4B, or the ledger server 520 of FIG. 5.

At 602, individual timestamp requests for to-be-timestamped blocks in ablockchain are transmitted from the ledger server to a trust timeserver. The trust time server is independent from the centralized ledgersystem and can be associated with a trust time authority. The trust timeserver can be, for example, the trust time server 350 of FIG. 3, thetrust time server 430 of FIGS. 4A-4B, or the trust time server 510 ofFIG. 5. The blockchain can be, for example, the blockchain 322 of FIG. 3or the blockchain 530 of FIG. 5. Each of the to-be-timestamped blockscan be the most recent block generated in the blockchain when acorresponding timestamp request is transmitted. The correspondingtimestamp request can include a hash of the to-be-timestamped block orother type of information that uniquely identifies the to-be-timestampedblock.

In some embodiments, the ledger server may transmit timestamp requeststo the trust time server from time to time, on demand, or based on thenumber of the blocks generated by the ledger server. In someembodiments, the ledger server can periodically transmit timestamprequests for to-be-timestamped blocks in the blockchain to the timeserver with a predetermined triggering time period. The predeterminedtriggering time period can be associated with a corresponding cost for atimestamp service of the centralized ledger system. The predeterminedtriggering time period can be predetermined by a client (or a user)associated with the centralized ledger system.

At 604, respective timestamps and associated signatures for theto-be-timestamped blocks are received from the trust time server. Eachof the respective timestamps and associated signatures can be associatedwith an individual timestamp request that includes information of acorresponding to-be-timestamped block.

At 606, information of the respective timestamps and associatedsignatures for the to-be-timestamped blocks is stored in respectivetimestamped blocks in the blockchain, the timestamped blocks beinganchored with each other in the blockchain, for example, as described inconnection with FIG. 5.

In some embodiments, for each of the to-be-timestamped blocks, theledger server can generate a timestamped block in the blockchain toinclude the information of the timestamp and associated signature forthe to-be-timestamped block, for example, as a transaction in a blockbody of the timestamped block. In some embodiments, the information ofthe timestamps and associated signature for the to-be-timestamped blockis stored in a block header of the timestamped block.

In some embodiments, the timestamped block is a block immediatelysubsequent to the to-be-timestamped block in the blockchain. In someembodiments, the information of the timestamps and associated signatureinclude, for example, at least one of the timestamp and associatedsignature or a hash of the timestamp and associated signature. Forexample, the timestamped block can store a hash of the to-be-timestampedblock. In some embodiments, a block body of the timestamped blockincludes no other transaction data except the at least one of thetimestamp and associated signature or the hash of the timestamp andassociated signature. In some embodiments, a block body of thetimestamped block includes other transaction data in addition to theinformation of the timestamps and associated signature for theto-be-timestamped block.

In some embodiments, the timestamped blocks being anchored with eachother in the blockchain includes any adjacent two of the timestampedblocks in the blockchain being anchored with each other. For example,the adjacent two of the timestamped blocks can include a firsttimestamped block (e.g., block m+1) and a second timestamped block(e.g., block n+1), and the second timestamped block is immediatelysubsequent to the first timestamped block among the respectivetimestamped blocks in the blockchain (e.g., blockchain 530). Theadjacent two of the timestamped blocks in the blockchain being anchoredwith each other can include the second timestamped block comprisinginformation that uniquely identifies the first timestamped block.

In some embodiments, the information that uniquely identifies the firsttimestamped block includes at least one of: a hash of the firsttimestamped block, or a first respective block identifier for the firsttimestamped block, where each of the multiple blocks is associated witha respective block identifier, and the multiple blocks are stored inorder in the blockchain according to the respective block identifiers.

One or more non-timestamped blocks (e.g., block m+2 to block n) canexist between the first timestamped block and the second timestampedblock in the blockchain, and the one or more non-timestamped blocksinclude no timestamp information obtained from the trust time server.The first and second timestamped blocks being anchored together can beused to determine that the one or more non-timestamped blocks aregenerated at time points between a first timestamp included in the firsttimestamped block and a second timestamp included in the secondtimestamped block.

In some embodiments, a first timestamp request for a firstto-be-timestamped block of the to-be-timestamped blocks in theblockchain is transmitted to the trust time server at a first timepoint, and the first to-be-timestamped block is a first most recentblock in the blockchain at the first time point. The first timestamprequest can include a first hash of the first to-be-timestamped block. Asecond timestamp request for a second to-be-timestamped block of theto-be-timestamped blocks in the blockchain is transmitted to the trusttime server at a second time point after the first time point, and thesecond to-be-timestamped block is a second most recent block in theblockchain at the second time point. The second timestamp request caninclude a second cryptographic cash of the second to-be-timestampedblock.

In some cases, the second timestamp request is immediately subsequent tothe first timestamp request among the individual timestamp requeststransmitted from the ledger server to the trust time server. In somecases, the second timestamp request is not immediately subject to thefirst timestamp request and separated from one or more timestamprequests that are disregarded by the ledger server, for example, becausethe ledger server does not receive a reply from the trust time serverwithin a predetermined tolerance time period.

After transmitting the first timestamp request, the ledger server canreceive a first respective timestamp and associated signature for thefirst to-be-timestamped block from the trust time server and storeinformation of the first respective timestamp and associated signaturein a first timestamped block immediately subsequent to the firstto-be-timestamped block in the blockchain. After transmitting the secondtimestamp request, the ledger server can receive a second respectivetimestamp and associated signature for the second to-be-timestampedblock from the trust time server, and store information of the secondrespective timestamp and associated signature in a second timestampedblock immediately subsequent to the second to-be-timestamped block inthe blockchain. The second respective timestamp and associated signaturecan be immediately subsequent to the first respective timestamp andassociated signature among the respective timestamps and associatedsignatures for the to-be-timestamped blocks from the trust time server.The second timestamped block can be immediately subsequent to the firsttimestamped block among the timestamped blocks in the blockchain.

The second timestamped block can be anchored to the first timestampedblock by storing information that uniquely identifies the firsttimestamped block in the second timestamped block. In some embodiments,the second timestamp request includes information that uniquelyidentifies the first timestamped block. The information that uniquelyidentifies the first timestamped block can include at least one of ahash of the first timestamped block or a first respective blockidentifier for the first timestamped block, where each of the multipleblocks is associated with a respective block identifier, and themultiple blocks are stored in order in the blockchain according to therespective block identifiers.

In some embodiments, the second timestamped block includes informationthat uniquely identifies the first timestamped block. The informationthat uniquely identifies the first timestamped block can include atleast one of the hash of the first timestamped block or the firstrespective block identifier for the first timestamped block.

FIG. 7 depicts examples of modules of an apparatus 700 in accordancewith embodiments of this specification. The apparatus 700 can be anexample of an embodiment of a blockchain-based centralized ledger systemconfigured to provide ledger services and/or trust timestamp servicesfor transaction data stored in the centralized ledger system. Theapparatus 700 can correspond to the embodiments described above, and theapparatus 700 includes the following: a transmitting module 702 thattransmits individual timestamp requests for to-be-timestamped blocks ina blockchain to a trust time server that is associated with a trust timeauthority and independent from the centralized ledger system, theblockchain including a plurality of blocks storing transaction data; areceiving module 704 that receives respective timestamps and associatedsignatures for the to-be-timestamped blocks from the trust time server;and a storing module 706 that stores information of the respectivetimestamps and associated signatures for the to-be-timestamped blocks inrespective timestamped blocks in the blockchain, any adjacent two of thetimestamped blocks in the blockchain being anchored with each other.

In an optional embodiment, the adjacent two of the timestamped blocksinclude a first timestamped block and a second timestamped block, andthe second timestamped block is immediately subsequent to the firsttimestamped block among the respective timestamped blocks in theblockchain, and the adjacent two of the timestamped blocks in theblockchain being anchored with each other includes the secondtimestamped block including information that uniquely identifies thefirst timestamped block.

In an optional embodiment, the information that uniquely identifies thefirst timestamped block includes at least one of: a hash of the firsttimestamped block, or a first respective block identifier for the firsttimestamped block, wherein each of the plurality of blocks is associatedwith a respective block identifier, and the plurality of blocks arestored in order in the blockchain according to the respective blockidentifiers.

In an optional embodiment, one or more non-timestamped blocks existbetween the first timestamped block and the second timestamped block inthe blockchain, and the one or more non-timestamped blocks include notimestamp information obtained from the trust time server.

In an optional embodiment, the apparatus 700 further includes agenerating module that generates the respective timestamped blocks toinclude the information of the respective timestamps and associatedsignatures for the to-be-timestamped blocks as transaction data of therespective timestamped blocks.

In an optional embodiment, the storing module 706 is configured tostore, for each of the to-be-timestamped blocks, at least one of therespective timestamp and associated signature or a hash of therespective timestamp and associated signature in a timestamped blockimmediately subsequent to the to-be-timestamped block in the blockchain,where the timestamped block immediately subsequent to theto-be-timestamped block stores a hash of the to-be-timestamped block.

In an optional embodiment, a block body of the block immediatelysubsequent to the to-be-timestamped block includes no other transactiondata except the at least one of the respective timestamp and associatedsignature or the hash of the respective timestamp and associatedsignature.

In an optional embodiment, the transmitting module 702 is configured toperiodically transmit the individual timestamp requests for theto-be-timestamped blocks in the blockchain to the trust time server at apredetermined triggering time period.

In an optional embodiment, the transmitting module 702 is configured totransmit a first timestamp request for a first to-be-timestamped blockof the to-be-timestamped blocks in the blockchain to the trust timeserver at a first time point, where the first to-be-timestamped block isa first most recent block in the blockchain at the first time point, andtransmit a second timestamp request for a second to-be-timestamped blockof the to-be-timestamped blocks in the blockchain to the trust timeserver at a second time point after the first time point, where thesecond to-be-timestamped block is a second most recent block in theblockchain at the second time point.

In an optional embodiment, the receiving module 704 is configured toreceive a first respective timestamp and associated signature for thefirst to-be-timestamped block from the trust time server, and receive asecond respective timestamp and associated signature for the secondto-be-timestamped block from the trust time server. The secondrespective timestamp and associated signature can be immediatelysubsequent to the first respective timestamp and associated signatureamong the respective timestamps and associated signatures for theto-be-timestamped blocks.

In an optional embodiment, the storing module 706 is configured to storeinformation of the first respective timestamp and associated signaturein a first timestamped block immediately subsequent to the firstto-be-timestamped block in the blockchain, and store information of thesecond respective timestamp and associated signature in a secondtimestamped block immediately subsequent to the second to-be-timestampedblock in the blockchain. The second timestamped block can be immediatelysubsequent to the first timestamped block among the timestamped blocksin the blockchain and be anchored to the first timestamped block.

In an optional embodiment, the second timestamp request includesinformation that uniquely identifies the first timestamped block. Theinformation that uniquely identifies the first timestamped block caninclude at least one of a hash of the first timestamped block, or afirst respective block identifier for the first timestamped block, whereeach of the plurality of blocks is associated with a respective blockidentifier, and the plurality of blocks are stored in order in theblockchain according to the respective block identifiers.

In an optional embodiment, the second timestamped block includesinformation that uniquely identifies the first timestamped block. Theinformation that uniquely identifies the first timestamped block caninclude at least one of a hash of the first timestamped block, or thefirst respective block identifier for the first timestamped block.

In an optional embodiment, the first timestamp request includes a firsthash of the first to-be-timestamped block, and the second timestamprequest includes a second cryptographic cash of the secondto-be-timestamped block.

The system, apparatus, module, or unit illustrated in the previousembodiments can be implemented by using a computer chip or an entity, orcan be implemented by using a product having a certain function. Atypical embodiment device is a computer (and the computer can be apersonal computer), a laptop computer, a cellular phone, a camera phone,a smartphone, a personal digital assistant, a media player, a navigationdevice, an email receiving and sending device, a game console, a tabletcomputer, a wearable device, or any combination of these devices.

For an embodiment process of functions and roles of each module in theapparatus, references can be made to an embodiment process ofcorresponding steps in the previous method. Details are omitted here forsimplicity.

Because an apparatus embodiment basically corresponds to a methodembodiment, for related parts, references can be made to relateddescriptions in the method embodiment. The previously describedapparatus embodiment is merely an example. The modules described asseparate parts may or may not be physically separate, and partsdisplayed as modules may or may not be physical modules, may be locatedin one position, or may be distributed on a number of network modules.Some or all of the modules can be selected based on actual demands toachieve the objectives of the solutions of the specification. A personof ordinary skill in the art can understand and implement theembodiments of the present application without creative efforts.

Referring again to FIG. 7, it can be interpreted as illustrating aninternal functional module and a structure of a blockchain-basedcentralized ledger implementation apparatus. The blockchain-basedcentralized ledger implementation apparatus can be an example of acentralized ledger system configured to provide ledger services andtrust timestamp services for transaction data stored in the centralizedledger system. An execution body in essence can be an electronic device,and the electronic device includes the following: one or moreprocessors; and one or more computer-readable memories configured tostore an executable instruction of the one or more processors. In someembodiments, the one or more computer-readable memories are coupled tothe one or more processors and have programming instructions storedthereon that are executable by the one or more processors to performalgorithms, methods, functions, processes, flows, and procedures, asdescribed in this specification.

Described embodiments of the subject matter can include one or morefeatures, alone or in combination. For example, in a first embodiment, amethod includes: transmitting, individual timestamp requests forto-be-timestamped blocks of a blockchain to a trust time server by acomputing device in the centralized ledger system that stores data inthe blockchain, the trust time server being associated with a trust timeauthority and independent from the centralized ledger system, theblockchain including a plurality of blocks storing transaction data;receiving respective timestamps and associated signatures for theto-be-timestamped blocks from the trust time server by the computingdevice; and storing information of the respective timestamps andassociated signatures for the to-be-timestamped blocks in timestampedblocks in the blockchain by the computing device, any adjacent two ofthe timestamped blocks in the blockchain being anchored with each other.

The foregoing and other described embodiments can each, optionally,include one or more of the following features:

A first feature, combinable with any of the following features,specifies that the adjacent two of the timestamped blocks include afirst timestamped block and a second timestamped block, and the secondtimestamped block is immediately subsequent to the first timestampedblock among the respective timestamped blocks in the blockchain, and theadjacent two of the timestamped blocks in the blockchain being anchoredwith each other includes the second timestamped block includinginformation that uniquely identifies the first timestamped block.

A second feature, combinable with any of the following features,specifies that the information that uniquely identifies the firsttimestamped block includes at least one of: a hash of the firsttimestamped block, or a first respective block identifier for the firsttimestamped block, where each of the plurality of blocks is associatedwith a respective block identifier, and the plurality of blocks arestored in order in the blockchain according to the respective blockidentifiers.

A third feature, combinable with any of the following features,specifies that one or more non-timestamped blocks exist between thefirst timestamped block and the second timestamped block in theblockchain, and the one or more non-timestamped blocks include notimestamp information obtained from the trust time server.

A fourth feature, combinable with any of the following features, furtherincludes: generating the respective timestamped blocks to include theinformation of the respective timestamps and associated signatures forthe to-be-timestamped blocks as transaction data of the respectivetimestamped blocks by the computing device.

A fifth feature, combinable with any of the previous or followingfeatures, specifies that storing information of the respectivetimestamps and associated signatures for the to-be-timestamped blocks intimestamped blocks of the blockchain includes: for each of theto-be-timestamped blocks, storing at least one of the respectivetimestamp and associated signature or a hash of the respective timestampand associated signature in a respective timestamped block that is ablock immediately subsequent to the to-be-timestamped block in theblockchain, where the timestamped block stores a hash of theto-be-timestamped block.

A sixth feature, combinable with any of the previous or followingfeatures, specifies that a block body of the timestamped blockimmediately subsequent to the to-be-timestamped block includes no othertransaction data except the at least one of the respective timestamp andassociated signature or the hash of the respective timestamp andassociated signature.

A seventh feature, combinable with any of the previous or followingfeatures, specifies that transmitting individual timestamp requests forto-be-timestamped blocks in a blockchain to a trust time serverincludes: periodically transmitting the individual timestamp requestsfor the to-be-timestamped blocks in the blockchain to the trust timeserver at a predetermined triggering time period.

An eighth feature, combinable with any of the previous or followingfeatures, specifies that transmitting individual timestamp requests forto-be-timestamped blocks in a blockchain to a trust time serverincludes: transmitting a first timestamp request for a firstto-be-timestamped block of the to-be-timestamped blocks in theblockchain to the trust time server at a first time point, where thefirst to-be-timestamped block is a first most recent block in theblockchain at the first time point; and transmitting a second timestamprequest for a second to-be-timestamped block of the to-be-timestampedblocks in the blockchain to the trust time server at a second time pointafter the first time point, where the second to-be-timestamped block isa second most recent block in the blockchain at the second time point.

A ninth feature, combinable with any of the previous or followingfeatures, specifies that receiving respective timestamps and associatedsignatures for the to-be-timestamped blocks includes: receiving a firstrespective timestamp and associated signature for the firstto-be-timestamped block from the trust time server, and receiving asecond respective timestamp and associated signature for the secondto-be-timestamped block from the trust time server, where the secondrespective timestamp and associated signature is immediately subsequentto the first respective timestamp and associated signature among therespective timestamps and associated signatures for theto-be-timestamped blocks, and that storing information of the respectivetimestamps and associated signatures for the to-be-timestamped blocks intimestamped blocks of the blockchain includes: storing information ofthe first respective timestamp and associated signature in a firsttimestamped block immediately subsequent to the first to-be-timestampedblock in the blockchain, and storing information of the secondrespective timestamp and associated signature in a second timestampedblock immediately subsequent to the second to-be-timestamped block inthe blockchain, where the second timestamped block is immediatelysubsequent to the first timestamped block among the timestamped blocksin the blockchain and is anchored to the first timestamped block.

A tenth feature, combinable with any of the previous or followingfeatures, specifies that the adjacent two of the timestamped blocks inthe blockchain being anchored with each other includes: the secondtimestamp request comprising information that uniquely identifies thefirst timestamped block.

An eleventh feature, combinable with any of the previous or followingfeatures, specifies that the information that uniquely identifies thefirst timestamped block includes at least one of: a hash of the firsttimestamped block, or a first respective block identifier for the firsttimestamped block, where each of the plurality of blocks is associatedwith a respective block identifier, and the plurality of blocks arestored in order in the blockchain according to the respective blockidentifiers.

A twelfth feature, combinable with any of the previous or followingfeatures, specifies that the first timestamp request includes a firsthash of the first to-be-timestamped block, and the second timestamprequest includes a second cryptographic cash of the secondto-be-timestamped block.

Embodiments of the subject matter and the actions and operationsdescribed in this specification can be implemented in digital electroniccircuitry, in tangibly-embodied computer software or firmware, incomputer hardware, including the structures disclosed in thisspecification and their structural equivalents, or in combinations ofone or more of them. Embodiments of the subject matter described in thisspecification can be implemented as one or more computer programs, e.g.,one or more modules of computer program instructions, encoded on acomputer program carrier, for execution by, or to control the operationof, data processing apparatus. For example, a computer program carriercan include one or more computer-readable storage media that haveinstructions encoded or stored thereon. The carrier may be a tangiblenon-transitory computer-readable medium, such as a magnetic, magnetooptical, or optical disk, a solid state drive, a random access memory(RAM), a read-only memory (ROM), or other types of media. Alternatively,or in addition, the carrier may be an artificially generated propagatedsignal, e.g., a machine-generated electrical, optical, orelectromagnetic signal that is generated to encode information fortransmission to suitable receiver apparatus for execution by a dataprocessing apparatus. The computer storage medium can be or be part of amachine-readable storage device, a machine-readable storage substrate, arandom or serial access memory device, or a combination of one or moreof them. A computer storage medium is not a propagated signal.

A computer program, which may also be referred to or described as aprogram, software, a software application, an app, a module, a softwaremodule, an engine, a script, or code, can be written in any form ofprogramming language, including compiled or interpreted languages, ordeclarative or procedural languages; and it can be deployed in any form,including as a stand-alone program or as a module, component, engine,subroutine, or other unit suitable for executing in a computingenvironment, which environment may include one or more computersinterconnected by a data communication network in one or more locations.

A computer program may, but need not, correspond to a file in a filesystem. A computer program can be stored in a portion of a file thatholds other programs or data, e.g., one or more scripts stored in amarkup language document, in a single file dedicated to the program inquestion, or in multiple coordinated files, e.g., files that store oneor more modules, sub programs, or portions of code.

Processors for execution of a computer program include, by way ofexample, both general- and special-purpose microprocessors, and any oneor more processors of any kind of digital computer. Generally, aprocessor will receive the instructions of the computer program forexecution as well as data from a non-transitory computer-readable mediumcoupled to the processor.

The term “data processing apparatus” encompasses all kinds ofapparatuses, devices, and machines for processing data, including by wayof example a programmable processor, a computer, or multiple processorsor computers. Data processing apparatus can include special-purposelogic circuitry, e.g., an FPGA (field programmable gate array), an ASIC(application specific integrated circuit), or a GPU (graphics processingunit). The apparatus can also include, in addition to hardware, codethat creates an execution environment for computer programs, e.g., codethat constitutes processor firmware, a protocol stack, a databasemanagement system, an operating system, or a combination of one or moreof them.

The processes and logic flows described in this specification can beperformed by one or more computers or processors executing one or morecomputer programs to perform operations by operating on input data andgenerating output. The processes and logic flows can also be performedby special-purpose logic circuitry, e.g., an FPGA, an ASIC, or a GPU, orby a combination of special-purpose logic circuitry and one or moreprogrammed computers.

Computers suitable for the execution of a computer program can be basedon general or special-purpose microprocessors or both, or any other kindof central processing unit. Generally, a central processing unit willreceive instructions and data from a read only memory or a random accessmemory or both. Elements of a computer can include a central processingunit for executing instructions and one or more memory devices forstoring instructions and data. The central processing unit and thememory can be supplemented by, or incorporated in, special-purpose logiccircuitry.

Generally, a computer will also include, or be operatively coupled toreceive data from or transfer data to one or more storage devices. Thestorage devices can be, for example, magnetic, magneto optical, oroptical disks, solid state drives, or any other type of non-transitory,computer-readable media. However, a computer need not have such devices.Thus, a computer may be coupled to one or more storage devices, such as,one or more memories, that are local and/or remote. For example, acomputer can include one or more local memories that are integralcomponents of the computer, or the computer can be coupled to one ormore remote memories that are in a cloud network. Moreover, a computercan be embedded in another device, e.g., a mobile telephone, a personaldigital assistant (PDA), a mobile audio or video player, a game console,a Global Positioning System (GPS) receiver, or a portable storagedevice, e.g., a universal serial bus (USB) flash drive, to name just afew.

Components can be “coupled to” each other by being commutatively such aselectrically or optically connected to one another, either directly orvia one or more intermediate components. Components can also be “coupledto” each other if one of the components is integrated into the other.For example, a storage component that is integrated into a processor(e.g., an L2 cache component) is “coupled to” the processor.

To provide for interaction with a user, embodiments of the subjectmatter described in this specification can be implemented on, orconfigured to communicate with, a computer having a display device,e.g., a LCD (liquid crystal display) monitor, for displaying informationto the user, and an input device by which the user can provide input tothe computer, e.g., a keyboard and a pointing device, e.g., a mouse, atrackball or touchpad. Other kinds of devices can be used to provide forinteraction with a user as well; for example, feedback provided to theuser can be any form of sensory feedback, e.g., visual feedback,auditory feedback, or tactile feedback; and input from the user can bereceived in any form, including acoustic, speech, or tactile input. Inaddition, a computer can interact with a user by sending documents toand receiving documents from a device that is used by the user; forexample, by sending web pages to a web browser on a user's device inresponse to requests received from the web browser, or by interactingwith an app running on a user device, e.g., a smartphone or electronictablet. Also, a computer can interact with a user by sending textmessages or other forms of message to a personal device, e.g., asmartphone that is running a messaging application, and receivingresponsive messages from the user in return.

This specification uses the term “configured to” in connection withsystems, apparatus, and computer program components. For a system of oneor more computers to be configured to perform particular operations oractions means that the system has installed on it software, firmware,hardware, or a combination of them that in operation cause the system toperform the operations or actions. For one or more computer programs tobe configured to perform particular operations or actions means that theone or more programs include instructions that, when executed by dataprocessing apparatus, cause the apparatus to perform the operations oractions. For special-purpose logic circuitry to be configured to performparticular operations or actions means that the circuitry has electroniclogic that performs the operations or actions.

While this specification contains many specific embodiment details,these should not be construed as limitations on the scope of what isbeing claimed, which is defined by the claims themselves, but rather asdescriptions of features that may be specific to particular embodiments.Certain features that are described in this specification in the contextof separate embodiments can also be realized in combination in a singleembodiment. Conversely, various features that are described in thecontext of a single embodiments can also be realized in multipleembodiments separately or in any suitable subcombination. Moreover,although features may be described above as acting in certaincombinations and even initially be claimed as such, one or more featuresfrom a claimed combination can in some cases be excised from thecombination, and the claim may be directed to a subcombination orvariation of a subcombination.

Similarly, while operations are depicted in the drawings and recited inthe claims in a particular order, this should not be understood asrequiring that such operations be performed in the particular ordershown or in sequential order, or that all illustrated operations beperformed, to achieve desirable results. In certain circumstances,multitasking and parallel processing may be advantageous. Moreover, theseparation of various system modules and components in the embodimentsdescribed above should not be understood as requiring such separation inall embodiments, and it should be understood that the described programcomponents and systems can generally be integrated together in a singlesoftware product or packaged into multiple software products.

Particular embodiments of the subject matter have been described. Otherembodiments are within the scope of the following claims. For example,the actions recited in the claims can be performed in a different orderand still achieve desirable results. As one example, the processesdepicted in the accompanying figures do not necessarily require theparticular order shown, or sequential order, to achieve desirableresults. In some cases, multitasking and parallel processing may beadvantageous.

What is claimed is:
 1. A computer-implemented method for managing ablockchain-based centralized ledger system, the computer-implementedmethod comprising: transmitting individual timestamp requests forto-be-timestamped blocks in a blockchain to a trust time server by acomputing device in the blockchain-based centralized ledger system thatstores data in the blockchain, the trust time server being associatedwith a trust time authority and independent from the blockchain-basedcentralized ledger system, the blockchain including a plurality ofblocks storing transaction data; receiving respective timestamps andassociated signatures for the to-be-timestamped blocks from the trusttime server by the computing device; and storing information of therespective timestamps and associated signatures for theto-be-timestamped blocks in respective timestamped blocks in theblockchain by the computing device, any adjacent two of the timestampedblocks in the blockchain being anchored with each other.
 2. Thecomputer-implemented method of claim 1, wherein the adjacent two of thetimestamped blocks comprise a first timestamped block and a secondtimestamped block, and the second timestamped block is immediatelysubsequent to the first timestamped block among the respectivetimestamped blocks in the blockchain, and wherein the adjacent two ofthe timestamped blocks in the blockchain being anchored with each othercomprises the second timestamped block comprising information thatuniquely identifies the first timestamped block.
 3. Thecomputer-implemented method of claim 2, wherein the information thatuniquely identifies the first timestamped block comprises at least oneof: a hash of the first timestamped block, or a first respective blockidentifier for the first timestamped block, wherein each of theplurality of blocks is associated with a respective block identifier,and the plurality of blocks are stored in order in the blockchainaccording to the respective block identifiers.
 4. Thecomputer-implemented method of claim 2, wherein one or morenon-timestamped blocks exist between the first timestamped block and thesecond timestamped block in the blockchain, and wherein the one or morenon-timestamped blocks include no timestamp information obtained fromthe trust time server.
 5. The computer-implemented method of claim 1,further comprising generating the respective timestamped blocks toinclude the information of the respective timestamps and associatedsignatures for the to-be-timestamped blocks as transaction data of therespective timestamped blocks by the computing device.
 6. Thecomputer-implemented method of claim 1, wherein storing information ofthe respective timestamps and associated signatures for theto-be-timestamped blocks in timestamped blocks of the blockchaincomprises: for each to-be-timestamped block of the to-be-timestampedblocks, storing at least one of the respective timestamps and associatedsignatures or a hash of the at least one of the respective timestampsand associated signatures in a respective timestamped block that is ablock immediately subsequent to the to-be-timestamped block in theblockchain, wherein the respective timestamped block stores a hash ofthe to-be-timestamped block.
 7. The computer-implemented method of claim6, wherein a block body of the respective timestamped block comprises noother transaction data except the at least one of the respectivetimestamps and associated signatures or the hash of the at least one ofthe respective timestamps and associated signatures.
 8. Thecomputer-implemented method of claim 1, wherein transmitting individualtimestamp requests for to-be-timestamped blocks in a blockchain to atrust time server comprises: periodically transmitting the individualtimestamp requests for the to-be-timestamped blocks in the blockchain tothe trust time server at a predetermined triggering time period.
 9. Thecomputer-implemented method of claim 1, wherein transmitting individualtimestamp requests for to-be-timestamped blocks in a blockchain to atrust time server comprises: transmitting a first timestamp request fora first to-be-timestamped block of the to-be-timestamped blocks in theblockchain to the trust time server at a first time point, wherein thefirst to-be-timestamped block is a first most current block in theblockchain at the first time point; and transmitting a second timestamprequest for a second to-be-timestamped block of the to-be-timestampedblocks in the blockchain to the trust time server at a second time pointafter the first time point, wherein the second to-be-timestamped blockis a second most current block in the blockchain at the second timepoint.
 10. The computer-implemented method of claim 9, wherein receivingrespective timestamps and associated signatures for theto-be-timestamped blocks comprises: receiving a first respectivetimestamp and associated signature for the first to-be-timestamped blockfrom the trust time server; and receiving a second respective timestampand associated signature for the second to-be-timestamped block from thetrust time server, wherein the second respective timestamp andassociated signature is immediately subsequent to the first respectivetimestamp and associated signature among the respective timestamps andassociated signatures for the to-be-timestamped blocks, and whereinstoring information of the respective timestamps and associatedsignatures for the to-be-timestamped blocks in timestamped blocks of theblockchain comprises: storing information of the first respectivetimestamp and associated signature in a first timestamped blockimmediately subsequent to the first to-be-timestamped block in theblockchain; and storing information of the second respective timestampand associated signature in a second timestamped block immediatelysubsequent to the second to-be-timestamped block in the blockchain,wherein the second timestamped block is immediately subsequent to thefirst timestamped block among the timestamped blocks in the blockchainand is anchored to the first timestamped block.
 11. Thecomputer-implemented method of claim 10, wherein the adjacent two of thetimestamped blocks in the blockchain being anchored with each othercomprises: the second timestamp request comprising information thatuniquely identifies the first timestamped block.
 12. Thecomputer-implemented method of claim 11, wherein the information thatuniquely identifies the first timestamped block comprises at least oneof: a hash of the first timestamped block, or a first respective blockidentifier for the first timestamped block, wherein each of theplurality of blocks is associated with a respective block identifier,and the plurality of blocks are stored in order in the blockchainaccording to the respective block identifiers.
 13. Thecomputer-implemented method of claim 9, wherein the first timestamprequest comprises a first hash of the first to-be-timestamped block, andwherein the second timestamp request comprises a second cryptographiccash of the second to-be-timestamped block.
 14. A non-transitory,computer-readable medium storing one or more instructions executable bya computer system to perform operations for managing a blockchain-basedcentralized ledger system, comprising: transmitting individual timestamprequests for to-be-timestamped blocks in a blockchain to a trust timeserver by a computing device in the blockchain-based centralized ledgersystem that stores data in the blockchain, the trust time server beingassociated with a trust time authority and independent from theblockchain-based centralized ledger system, the blockchain including aplurality of blocks storing transaction data; receiving respectivetimestamps and associated signatures for the to-be-timestamped blocksfrom the trust time server by the computing device; and storinginformation of the respective timestamps and associated signatures forthe to-be-timestamped blocks in respective timestamped blocks in theblockchain by the computing device, any adjacent two of the timestampedblocks in the blockchain being anchored with each other.
 15. Thenon-transitory, computer-readable medium of claim 14, wherein theadjacent two of the timestamped blocks comprise a first timestampedblock and a second timestamped block, and the second timestamped blockis immediately subsequent to the first timestamped block among therespective timestamped blocks in the blockchain, and wherein theadjacent two of the timestamped blocks in the blockchain being anchoredwith each other comprises the second timestamped block comprisinginformation that uniquely identifies the first timestamped block. 16.The non-transitory, computer-readable medium of claim 15, wherein theinformation that uniquely identifies the first timestamped blockcomprises at least one of: a hash of the first timestamped block, or afirst respective block identifier for the first timestamped block,wherein each of the plurality of blocks is associated with a respectiveblock identifier, and the plurality of blocks are stored in order in theblockchain according to the respective block identifiers.
 17. Thenon-transitory, computer-readable medium of claim 15, wherein one ormore non-timestamped blocks exist between the first timestamped blockand the second timestamped block in the blockchain, and wherein the oneor more non-timestamped blocks include no timestamp information obtainedfrom the trust time server.
 18. The non-transitory, computer-readablemedium of claim 14, further comprising generating the respectivetimestamped blocks to include the information of the respectivetimestamps and associated signatures for the to-be-timestamped blocks astransaction data of the respective timestamped blocks by the computingdevice.
 19. The non-transitory, computer-readable medium of claim 14,wherein storing information of the respective timestamps and associatedsignatures for the to-be-timestamped blocks in timestamped blocks of theblockchain comprises: for each to-be-timestamped block of theto-be-timestamped blocks, storing at least one of the respectivetimestamps and associated signatures or a hash of the at least one ofthe respective timestamps and associated signatures in a respectivetimestamped block that is a block immediately subsequent to theto-be-timestamped block in the blockchain, wherein the respectivetimestamped block stores a hash of the to-be-timestamped block.
 20. Thenon-transitory, computer-readable medium of claim 19, wherein a blockbody of the respective timestamped block comprises no other transactiondata except the at least one of the respective timestamps and associatedsignatures or the hash of the at least one of the respective timestampsand associated signatures.
 21. The non-transitory, computer-readablemedium of claim 14, wherein transmitting individual timestamp requestsfor to-be-timestamped blocks in a blockchain to a trust time servercomprises: periodically transmitting the individual timestamp requestsfor the to-be-timestamped blocks in the blockchain to the trust timeserver at a predetermined triggering time period.
 22. Thenon-transitory, computer-readable medium of claim 14, whereintransmitting individual timestamp requests for to-be-timestamped blocksin a blockchain to a trust time server comprises: transmitting a firsttimestamp request for a first to-be-timestamped block of theto-be-timestamped blocks in the blockchain to the trust time server at afirst time point, wherein the first to-be-timestamped block is a firstmost current block in the blockchain at the first time point; andtransmitting a second timestamp request for a second to-be-timestampedblock of the to-be-timestamped blocks in the blockchain to the trusttime server at a second time point after the first time point, whereinthe second to-be-timestamped block is a second most current block in theblockchain at the second time point.
 23. The non-transitory,computer-readable medium of claim 22, wherein receiving respectivetimestamps and associated signatures for the to-be-timestamped blockscomprises: receiving a first respective timestamp and associatedsignature for the first to-be-timestamped block from the trust timeserver; and receiving a second respective timestamp and associatedsignature for the second to-be-timestamped block from the trust timeserver, wherein the second respective timestamp and associated signatureis immediately subsequent to the first respective timestamp andassociated signature among the respective timestamps and associatedsignatures for the to-be-timestamped blocks, and wherein storinginformation of the respective timestamps and associated signatures forthe to-be-timestamped blocks in timestamped blocks of the blockchaincomprises: storing information of the first respective timestamp andassociated signature in a first timestamped block immediately subsequentto the first to-be-timestamped block in the blockchain; and storinginformation of the second respective timestamp and associated signaturein a second timestamped block immediately subsequent to the secondto-be-timestamped block in the blockchain, wherein the secondtimestamped block is immediately subsequent to the first timestampedblock among the timestamped blocks in the blockchain and is anchored tothe first timestamped block.
 24. The non-transitory, computer-readablemedium of claim 23, wherein the adjacent two of the timestamped blocksin the blockchain being anchored with each other comprises: the secondtimestamp request comprising information that uniquely identifies thefirst timestamped block.
 25. The non-transitory, computer-readablemedium of claim 24, wherein the information that uniquely identifies thefirst timestamped block comprises at least one of: a hash of the firsttimestamped block, or a first respective block identifier for the firsttimestamped block, wherein each of the plurality of blocks is associatedwith a respective block identifier, and the plurality of blocks arestored in order in the blockchain according to the respective blockidentifiers.
 26. The non-transitory, computer-readable medium of claim22, wherein the first timestamp request comprises a first hash of thefirst to-be-timestamped block, and wherein the second timestamp requestcomprises a second cryptographic cash of the second to-be-timestampedblock.
 27. A computer-implemented system for managing a blockchain-basedcentralized ledger system, comprising: one or more processors; and oneor more computer-readable memories coupled to the one or more processorsand having instructions stored thereon that are executable by the one ormore processors to perform one or more operations for: transmittingindividual timestamp requests for to-be-timestamped blocks in ablockchain to a trust time server by a computing device in theblockchain-based centralized ledger system that stores data in theblockchain, the trust time server being associated with a trust timeauthority and independent from the blockchain-based centralized ledgersystem, the blockchain including a plurality of blocks storingtransaction data; receiving respective timestamps and associatedsignatures for the to-be-timestamped blocks from the trust time serverby the computing device; and storing information of the respectivetimestamps and associated signatures for the to-be-timestamped blocks inrespective timestamped blocks in the blockchain by the computing device,any adjacent two of the timestamped blocks in the blockchain beinganchored with each other.
 28. The computer-implemented system of claim27, wherein the adjacent two of the timestamped blocks comprise a firsttimestamped block and a second timestamped block, and the secondtimestamped block is immediately subsequent to the first timestampedblock among the respective timestamped blocks in the blockchain, andwherein the adjacent two of the timestamped blocks in the blockchainbeing anchored with each other comprises the second timestamped blockcomprising information that uniquely identifies the first timestampedblock.
 29. The computer-implemented system of claim 28, wherein theinformation that uniquely identifies the first timestamped blockcomprises at least one of: a hash of the first timestamped block, or afirst respective block identifier for the first timestamped block,wherein each of the plurality of blocks is associated with a respectiveblock identifier, and the plurality of blocks are stored in order in theblockchain according to the respective block identifiers.
 30. Thecomputer-implemented system of claim 28, wherein one or morenon-timestamped blocks exist between the first timestamped block and thesecond timestamped block in the blockchain, and wherein the one or morenon-timestamped blocks include no timestamp information obtained fromthe trust time server.